apache + mod_auth_shadow
i would to ask this...
i have apache 2.0.47 and i want to allow my users to have a personal web page ( hp:/www/~username). i have setuped mod_userdir and everything is working fine. I also settuped mod_dav. the thing i want is a way that every user can login using mod_auth and dav, but with his/hers password from shadow file. I did that, but there is a prob, while logging to an account using someone elses username/pass.
eg: i have lets say, albertos and thomas.
/home/albertos/www --> for albertos
/home/thomas/www --> for thomas.
if i type in (using web folders) htp://www/~albertos and i use log/pass for thomas, then thomas can see albertos dir.
is there a way to extract the username from url, and require that user with mod_auth_shadow?
thanks in advance for any answer.
|